More results...
The North Korean state-sponsored hacking group APT37, also known as ScarCruft, launched a spear phishing campaign targeting activists focused on North Korean issues. Named “Operation: ToyBox Story” by Genians Security Center (GSC), this cam…
Cybersecurity researchers at Cofense Intelligence have identified a sophisticated phishing tactic leveraging Blob URIs (Uniform Resource Identifiers) to deliver credential phishing pages directly to users’ inboxes while evading traditional email securi…
Cybersecurity researchers at Cofense Intelligence have identified a sophisticated phishing tactic leveraging Blob URIs (Uniform Resource Identifiers) to deliver credential phishing pages directly to users’ inboxes while evading traditional email securi…
Silent Push researchers have identified that the notorious hacker collective Scattered Spider, also known as UNC3944 or Octo Tempest, continues to actively target prominent services in 2025, including Klaviyo, HubSpot, and Pure Storage. This group, act…
Threat actors have begun exploiting multimedia systems as a pivotal component of their voice phishing (vishing) attacks. Unlike traditional vishing schemes that rely solely on spoofed phone numbers and social engineering tactics, these advanced operati…
PIVOTcon, joint research by Validin and SentinelLABS has exposed FreeDrain, an industrial-scale cryptocurrency phishing operation that has been stealthily siphoning digital assets for years. This sophisticated campaign leverages search engine optimizat…
Chinese hackers used the CoGUI phishing kit to send over 580 million scam emails to Japanese users in early 2025, impersonating brands like Amazon and PayPal.
The post Chinese Hackers Flood Japan with 580 Million Phishing Emails Using ‘CoGUI’ Kit appeared first on eSecurity Planet.
As new malware delivery campaigns using the ClickFix social engineering tactic are spotted nearly every month, it’s interesting to see how the various attackers are trying to refine the two main elements: the lure and the “instruction”…
Cybercriminals aren’t always loud and obvious. Sometimes, they play it quiet and smart. One of the tricks of…
A high-profile Russian Instagram blogger recently fell victim to a sophisticated cyberattack, where scammers hijacked her account to orchestrate a fake $125,000 cash giveaway. The attackers employed advanced techniques, including AI-generated deepfake …